Ce diaporama a bien été signalé.
Le téléchargement de votre SlideShare est en cours. ×

Regulation of health apps -A practical guide january 2012

Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
January 2012




Regulation of health apps:
a practical guide




            d4 Research
Regulation of health apps: a practical guide



Important Notice
Please note that whilst d4 are willing to give any help a...
Regulation of health apps: a practical guide



Contents
Executive Summary ..................................................
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité

Consultez-les par la suite

1 sur 33 Publicité

Regulation of health apps -A practical guide january 2012

Télécharger pour lire hors ligne

Regulation of health apps: A practical guide from Bluelight www.bluelightpartners.com and D4 www.d4.org.uk

The primary purpose of this guide is to highlight the challenges that surround the provision and use of health apps from a regulatory standpoint, whether as a patient, health care professional, application developer, healthcare organisation, pharmaceutical or medical devices company.

There are three key questions we wanted to address in this guide:

How are health apps regulated, and how do I know if they are safe to use?
What other issues should I consider if I’m developing a health app?
How can I support the use of health apps across my organization?

Regulation of health apps: A practical guide from Bluelight www.bluelightpartners.com and D4 www.d4.org.uk

The primary purpose of this guide is to highlight the challenges that surround the provision and use of health apps from a regulatory standpoint, whether as a patient, health care professional, application developer, healthcare organisation, pharmaceutical or medical devices company.

There are three key questions we wanted to address in this guide:

How are health apps regulated, and how do I know if they are safe to use?
What other issues should I consider if I’m developing a health app?
How can I support the use of health apps across my organization?

Publicité
Publicité

Plus De Contenu Connexe

Diaporamas pour vous (17)

Similaire à Regulation of health apps -A practical guide january 2012 (20)

Publicité

Plus récents (20)

Regulation of health apps -A practical guide january 2012

  1. 1. January 2012 Regulation of health apps: a practical guide d4 Research
  2. 2. Regulation of health apps: a practical guide Important Notice Please note that whilst d4 are willing to give any help and advice that we can, any views given by us on the interpretation of regulations represent our best judgement at the time, based on the information available. Such views are not meant to be definitive statements of the law, which may only be given by the Courts. Accordingly, we would always advise enquirers to seek the views of their own professional advisors. © 2012 Devices 4 Limited 2
  3. 3. Regulation of health apps: a practical guide Contents Executive Summary .............................................................................................................................................................................................4   Foreword........................................................................................................................................................................................................................5   Chapter 1: Introduction.................................................................................................................................................................................... 7   Chapter 2: Market context ..............................................................................................................................................................................8   Chapter 3: Regulatory frameworks applicable to health apps .....................................................................................12   The role of the MHRA................................................................................................................................................................................12   The Medical Device Directive ............................................................................................................................................................13   Pharmaceutical industry perspective.......................................................................................................................................... 19   Further regulatory considerations in Europe...................................................................................................................... 20   Evidence of conformity in Europe................................................................................................................................................ 20   Regulation of health applications in the USA....................................................................................................................21   Chapter 4: Considerations for health app developers.........................................................................................................22   Intellectual Property Rights................................................................................................................................................................22   Design, build and test...............................................................................................................................................................................22   Managing liability ...................................................................................................................................................................................... 23   Further reading.............................................................................................................................................................................................. 23   Case Study: Mersey Burns app ........................................................................................................................................................... 24   Chapter 5: Managing app use within a health organisation........................................................................................ 25   Paradigm shift: app mentality ......................................................................................................................................................... 25   Harnessing consumerisation............................................................................................................................................................... 25   Recognising app risk ................................................................................................................................................................................ 26   Managing the app environment........................................................................................................................................................ 26   Promoting the use of apps across the organisation.....................................................................................................27   Limitations of public app stores.................................................................................................................................................. 28   Further reading.............................................................................................................................................................................................. 28   Case study: Happtique............................................................................................................................................................................... 29   Chapter 6: Conclusion......................................................................................................................................................................................31   How are health apps regulated, and how do I know if they are safe to use? ......................................31   What are the regulatory issues I should consider if I’m developing a health app? .......................31   How can I manage the use of apps across my organisation? ..............................................................................31   Closing remarks and recommendations .................................................................................................................................... 32   © 2012 Devices 4 Limited 3
  4. 4. Regulation of health apps: a practical guide Executive Summary Market context Mobile phones have been shown to improve patient care and their use in a clinical environment is becoming more widely accepted. While mobile phones are primarily used for communication purposes, their ability to run standalone software is extending their use in the healthcare environment. There has been considerable growth in the number of health apps available for download, but the regulatory position of this new technology is not well known. Regulatory frameworks applicable to health apps Different regulatory frameworks apply in different jurisdictions. In the EU, directives establish a harmonised regulatory position for adoption by member states. While standalone software can be deemed a medical device under the Medical Device Directive, the definitions are not explicit and therefore are open to interpretation. Within the UK, the MHRA is responsible as the Competent Authority under the Medical Device Directive, and provides guidance to device manufacturers. However at present there is no central European register of registered medical devices. Each Competent Authority manages its own register, and a manufacturer needs only to register in one member state to place its device on the market across the EU. Registered medical devices are required to carry the CE mark. It is understood that to date only one app that is publically available for download has been registered as a medical device with the MHRA in the UK. In the USA, often cited as the largest healthcare market in the world, the FDA has recently completed consultation on new guidelines covering the definition and regulation of ‘mobile medical apps’. Further considerations for budding health app developers When approaching health app development, it is important that developers consider the issues of intellectual property rights and liability. Developers typically follow a robust design, build and test cycle to ensure the finished product is of a high quality, which is essential for software used in a healthcare environment Managing app use within a health organisation The rising popularity of smart phones and app use is both an opportunity and a threat for health organisations. An ‘app mentality’ is emerging that represents a paradigm shift in healthcare software market, with the potential to deliver better patient outcomes with a clear line of sight to return on investment. With the growing ‘consumerisation’ of IT, organisations are under pressure to support the use of new technologies in the workplace, often utilising the personal devices brought to work by employees. This raises important challenges for the organisation, and the need to establish a clear strategy to manage ‘app risk’. Establishing a private app ‘store’ to help distribute private apps and signal apps approved for use by the organisation may also be a consideration. © 2012 Devices 4 Limited 4
  5. 5. Regulation of health apps: a practical guide use of mobile devices in the workplace as reported by some survey participants. Foreword The costs incurred by health Love them or loath them, mobile devices professionals using their own mobiles are a feature of modern life. Almost for work purposes are not insignificant every adult in the UK has one, and is however. Based on our survey data, d4 familiar with their use as a portable estimate these out of pocket expenses, telephone and two-way pager via SMS. currently absorbed by UK health From when we wake until we fall professionals, are as much as £100 asleep, the mobile is, for many of us, million per year. always within arm's reach. The lack of financial support for mobile The lexicon is evolving alongside the phone usage by UK health professionals technology. In developed markets, the is difficult to understand when one term ‘mobile phone’ is ceding ground to considers the cost of poor ‘smart phone’, a hybrid device that communication within the healthcare boasts components and functionality system. Emulating US research more closely resembling a computer published in 2010, d4 estimate that poor than a telephone. communication costs NHS hospitals in England alone in excess of £1 billion2, This combination of both physical using conservative figures for wasted proximity and digital capability means doctor time, wasted nurse time, and that we are increasingly able to work patients remaining in hospital beds for anywhere, anytime. This is particularly longer than necessary. The full social important for professionals who are impact is likely to be a magnitude constantly on the move and rarely have higher. the opportunity to sit down in front of a desk with a networked computer and/or Alternatively consider this: the cost of a a landline telephone. patient bed day is estimated at £400 and up. This is comparable to the total cost The need for good communication in of ownership for a smart phone for an such an inherently mobile and highly entire year. So, if a smart phone saves complex industry as healthcare, where one patient bed day per year, it has addressing patient needs is paramount, immediately paid for itself. is perhaps unparalleled. Yet our 2010 survey1 of mobile phone usage in the UK d4 was founded to address a number of shows that the provision of mobile concerns in response to these devices to health professionals by observations. We believe health employers is very low. professionals should receive more support while the supply of modern Fortunately for patients, our survey technology by their employers fails to suggests that a high proportion of meet their needs. health professionals are bridging the gap left by their employer and are At present, the majority of health supporting their duties by carrying their professionals are purchasing mobile own mobile at work. We applaud this technology through standard retail pragmatic and selfless solution to a channels. We suggest this has the perceived system failure, particularly following drawbacks: given negative employer attitudes to the 2 http://blog.d4.org.uk/2010/09/inefficient- communication-a-1bn-problem-for-nhs-hospitals-in- 1 http://www.d4.org.uk/research/ england.html © 2012 Devices 4 Limited 5
  6. 6. Regulation of health apps: a practical guide group purchasing power and tax 1. By acting individually or in small efficiencies. This will range from the groups, health professionals do not provision of mobile devices (i.e. achieve the buying power that should hardware), applications for their mobile come with belonging to one of the devices (i.e. software) and supporting largest sectors in the UK workforce – products and services according to an over 1.4million health professionals individual’s needs. are listed on the nine statutory registers in the UK. Our goal is to be able to provide health 2. Network operators are unable to professionals with mobile devices and differentiate the needs of health applications at prices that are better professionals if they purchase than they can achieve through typical through standard channels and retail channels. In parallel, we also therefore receive the same standard want to support our members’ use of service as per any other retail this technology in a manner that customer, with limited access to any recognises their professional status, e.g. central service architecture typically bespoke, priority assistance from deployed across large workforces. suppliers that differentiates health 3. Health professionals receive little professionals from retail customers. support to aid their purchasing Over time, we want to help our decisions given their specific work- members further by providing related needs. additional goods and services as directed 4. Despite using a mobile at work to by them. support their duties, health professionals are rarely compensated We are currently working hard to put all for this usage. Further, the the necessary building blocks in place to procurement of this technology is make this a reality. This includes predominantly made from their post- raising finance to fund the initial start- tax income. up, negotiating with suppliers to source the technology that health professionals We want d4 to become a social currently use and to build the enterprise at a national level, co- infrastructure for further growth and ordinating the significant existing innovation. We are also working with personal expenditure on technology by the government and other stakeholders health professionals to: to ensure a sustainable future for d4. • Improve patient safety, care, and This guide marks a further step in our outcomes journey as we attempt to highlight the • Reduce the cost of ownership for the relevance and support the development individual of ‘mHealth’ in the UK. We hope you • Raise security awareness and find this an interesting and informative compliance document, and we welcome your • Support enhanced productivity and feedback. effectiveness • Encourage greater use of mobile devices in the workplace Instead of purchasing products and James Sherwin-Smith services as individuals from their post Chief Executive, d4 tax income to support their healthcare work, health professionals will be invited to become members of d4 and receive benefits in return, utilising © 2012 Devices 4 Limited 6
  7. 7. Regulation of health apps: a practical guide Chapter 1: Introduction Mobile technology has the potential to transform the provision of healthcare in the UK. However looking beyond the hype that surrounds the ‘mHealth’ (mobile health) industry and its significance for society, we believe there should be a focus on the needs of health professionals, an area that is consistently over-looked. After all, if patients are to embrace the freedoms of having access to their own healthcare data to manage their treatment (see the 2010 consultation paper3 “Liberating the NHS: An Information Revolution”), it is imperative that health professionals are suitably equipped at the point of care, and are therefore in a position to advise patients based on their own assessment and experience of the technology available. The primary purpose of this guide is to highlight the challenges that surround the provision and use of health apps from a regulatory standpoint, whether as a patient, health care professional, application developer, healthcare organisation, pharmaceutical or medical devices company. As an independent, non-profit organisation, d4 are neither resourced nor qualified to give opinions on legal matters, but we hope that this guide will serve as a useful reference to direct further research and advice. We also hope that this document will provoke further debate on this topic from interested parties in the UK and across the world. There are three key questions we wanted to address in this guide: 1. How are health apps regulated, and how do I know if they are safe to use? 2. What other issues should I consider if I’m developing a health app? 3. How can I support the use of health apps across my organisation? We believe this document will be useful for a variety of different audiences • Health professionals and executives • Organisations representing the interests of health professionals and patients • Policy makers and regulators • Healthcare employers, managers and governors • Manufacturer and distributors of pharmaceutical products • Medical device companies • Mobile device manufacturers • Mobile network operators • Software developers • Patients and the general public as a whole 3 Department of Health (18 Oct 2010) retrieved on 9 Dec 2010 from http://www.dh.gov.uk/en/Consultations/Liveconsultations/DH_120080 © 2011 Devices 4 Limited 7
  8. 8. Regulation of health apps: a practical guide Chapter 2: Market context Running software on a mobile device is not a new phenomenon in healthcare – there is academic research discussing the opportunities of this technology dating back as early as 19964. However the proposition has only really become mainstream following the launch of the iPhone and iTunes App Store by Apple in July 2008 backed by a hugely successful “There’s an app for that” advertising campaign. Opening with a mere 500 applications available for download, there are now over 500,000 applications available for Apple devices and the App Store recently surpassed 18 billion downloads. Figure 1: Growth in available apps and downloads to date for the Apple App Store 20BN 600K 18BN 16BN 500K 14BN 400K 12BN 10BN 300K 8BN 6BN 200K 4BN 100K 2BN 0BN 0K Jan-11 Apr-11 Jul-11 Oct-11 Jan-10 Jul-10 Apr-09 Oct-08 Oct-09 Apr-10 Jul-08 Jan-09 Jul-09 Oct-10 Downloads to date Available apps Source: Apple news releases, media reports Apple are not alone in the market, with several technology companies distributing apps such as Google’s Android Market, RIM’s BlackBerry App World, Nokia’s Ovi Store, Palm’s App Catalog and Microsoft’s Windows Marketplace for Mobile. However Apple is understood to have a commanding lead with greater than 80% market share. 4 E. Coiera, “Clinical communication: a new informatics paradigm,” Proceedings: A Conference of the American Medical Informatics Association Fall Symposium, pp. 17-21, 1996. © 2012 Devices 4 Limited 8
  9. 9. Regulation of health apps: a practical guide Figure 2: Annual revenue from app distribution for major store operators $2,500MM $2,000MM $1,500MM Google Android Market Nokia Ovi Store $1,000MM BlackBerry App World Apple App Store $500MM $0MM 2009 2010 Source: IHS Screen Digest February 2011 As the number of apps has increased, so has the need for categorisation to help users find relevant apps. On both the Apple and Android platforms there is a distinct category for “Medical” which we interpret as aimed at health care professionals, while “Healthcare & Fitness” is often used to describe apps for use by patients and the general public. It is important to stress that the allocation of apps to categories is not closely curated – developers may submit their app categorised as they feel appropriate, and may list the same app under multiple categories. The biggest category on the App Store is Games at almost 16%, and it is estimated that this category was responsible for over 50% of app sales. The Medical and Healthcare & Fitness categories are modest by comparison, each making up approximately 2% of the store, for a combined total of over 21,000 apps. Figure 3: Composition of the UK Apple App Store by primary genre Weather Navigation Medical Social Networking Finance Photo & Video Health & Fitness News Productivity Sports Reference Music Business Travel Utilities Lifestyle Education Entertainment Books Games 0% 2% 4% 6% 8% 10% 12% 14% 16% Source: Apple Enterprise Data Feed for the UK App Store, December 2011 © 2012 Devices 4 Limited 9
  10. 10. Regulation of health apps: a practical guide This is a dynamic, evolving market, with new apps being released, and old apps being updated to include new features and to ensure compatibility with the latest devices and operating systems. There are now approximately 1,000 new releases of health related applications every month. Figure 4: Medical and Health & Fitness apps by month released in the UK Apple App Store 700 600 500 400 300 200 100 0 2008-11 2009-01 2009-11 2010-01 2010-11 2011-01 2011-10 2009-06 2008-09 2009-09 2011-11 2009-04 2009-05 2008-07 2009-02 2009-07 2010-06 2008-10 2009-10 2010-09 2010-04 2010-05 2010-02 2010-07 2008-12 2009-12 2011-06 2010-10 2011-09 2011-04 2011-05 2010-12 2011-02 2011-07 2008-08 2009-08 2009-03 2010-08 2010-03 2011-08 2011-03 Medical Health & Fitness Source: Apple Enterprise Data Feed for the UK App Store, December 2011 Health professionals are embracing this new technology. d4 published a survey of mobile phone usage by UK health professionals late in 20105 which showed that 99% have a mobile phone, 80% carry a phone at work, and 18% use a mobile phone for running work related software/applications. When examining the results for GMC registered doctors only, the number are higher: 100% have a mobile phone, 87% carry a phone at work, while 30% use a mobile phone for running work related software/applications. We anticipate that a year on, these numbers have only risen further. 5 http://www.d4.org.uk/research/ © 2012 Devices 4 Limited 10
  11. 11. Regulation of health apps: a practical guide Figure 5: Mobile phone and app use by health professionals in the UK 100% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0% Own a mobile phone Carry mobile at work Run work related software/apps All health professionals GMC registered doctors Source: d4 survey of mobile phone usage by health professionals in the UK, 2010 The use of apps for health care purposes is not limited to health professionals. This technology has huge potential to support the population as a whole. Developers and users are only just starting to explore the potential use cases, but popular apps to date include those that support healthier living, help manage a long-term condition, and to provide initial advice on an emerging medical problem. Employers are also experimenting with how smart phone technology can improve patient safety and outcomes, while simultaneously driving higher efficiency. In summary, the market for health apps shows strong signs of growth, both in terms of the supply of apps and the number of downloads. Health professionals are using them at work, patients are using them at home, and healthcare employers are beginning to recognise the positive impact they can have on patient safety, outcomes and system efficiency. © 2012 Devices 4 Limited 11
  12. 12. Regulation of health apps: a practical guide Chapter 3: Regulatory frameworks applicable to health apps mHealth is a new industry and the regulatory environment is evolving. Regulators are necessary to safeguard the public and uphold confidence in markets that would otherwise be open to potential abuse. But regulations also need to support, and not stifle, innovation. As a non-profit organisation based in the UK, we are primarily concerned with the regulations that apply to the UK market. However we recognise that healthcare is an increasingly global discipline, and the opportunities for those publishing apps are similarly widespread. As it stands, the regulation covering apps in the UK is driven at a European level, so we believe this guide will be helpful for those producing and using health apps in other European member states, provided they have transposed the relevant directives into national law. There may, however, be country-by-country variations in how the European directives have been transposed into national law. It is also important to recognise that our focus in this document is medical devices regulation and not the associated laws that may also apply to the parties involved (e.g. other consumer protection legislation). We also include a summary of the current position in the USA, the largest healthcare market in the world, which may be of interest for those in the UK or further afield looking to publish apps in that jurisdiction. The role of the MHRA The Medicines and Healthcare products Regulatory Agency (MHRA)6, an executive agency of the Department of Health, is the body responsible for the regulation of medical devices in the UK. While regulation is set at a European level under the Medical Devices Directive, the MHRA is the Competent Authority for the UK and therefore has responsibility for interpreting and enforcing legislation transposed into UK law. In May 2010 the MHRA held a session7 of the Medical Devices Technology Forum (MDTF) focused specifically on the issue of software as a medical device. Although not a formal guidelines document, the minutes of the meeting provide some further clarity on what the MHRA itself recognises as a rapidly advancing area surrounded by ambiguity: As advances have been made, the MHRA has found that healthcare providers and manufacturers are increasingly uncertain of which rules apply, not only to the medical device, but to software information systems and infrastructure that they are used in conjunction with. In addition to this confusion, the MHRA has found that the number of Field Safety Notices and user adverse incident reports arising from faulty software is rising, and believes that this trend may continue unless action can be taken to address any identifiable underlying causes. 6 http://www.mhra.gov.uk/ 7 http://bit.ly/d4MHRA2 © 2012 Devices 4 Limited 12
  13. 13. Regulation of health apps: a practical guide The minutes reference that a European working group is working on providing further guidance on the definition of software under the Medical Device Directive. This is likely to result in a formal commission guidance document (known as a MEDDEV) with an expected 2012 publication date. The Medical Device Directive The Medical Device Directive 93/42/EEC (MDD)8 is the primary source of regulation governing health apps across European member states. In essence, the directive defines what constitutes a medical device, how medical devices should be regulated according to different classifications, and how devices should be marked to demonstrate their conformity. It is important to note that under most circumstances, EU directives do not have direct effect9: they only come into force when implemented in national legislation. How does the MDD define a medical device, and does a health app count? Article 1 of the MDD tackles the thorny issue of defining a medical device. Despite covering over three pages, the treatment of health apps is, in our opinion, still somewhat ambiguous and open to interpretation. Under clause 2(a), a medical device is defined as follows: any instrument, apparatus, appliance, software, material or other article, whether used alone or in combination, including the software intended by its manufacturer to be used specifically for diagnostic and/or therapeutic purposes and necessary for its proper application, intended by the manufacturer to be used for human beings for the purpose of: — diagnosis, prevention, monitoring, treatment or alleviation of disease, — diagnosis, monitoring, treatment, alleviation of or compensation for an injury or handicap, — investigation, replacement or modification of the anatomy or of a physiological process, — control of conception, and which does not achieve its principal intended action in or on the human body by pharmacological, immunological or metabolic means, but which may be assisted in its function by such means; We would argue that the explicit addition of the word “software” (am amendment made to the MDD in 2007) could capture most, if not all, health apps. However, the May 2010 minutes of the MDTF suggest the MHRA applies certain characteristics that determine whether software is deemed a medical device or not. — Electronic Health Records (EHR) – while views apparently differ across Europe, the MHRA believes that if software is purely a record archiving and retrieval system it is unlikely to be considered a medical 8 http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CONSLEG:1993L0042:20071011:en:PDF 9 http://europa.eu/legislation_summaries/institutional_affairs/decisionmaking_process/l14547_en.htm © 2012 Devices 4 Limited 13
  14. 14. Regulation of health apps: a practical guide device. However if it includes a module that interprets data or performs a calculation, then it is likely that this module (or system) may be considered a medical device, depending on the claims of the manufacturer. — Decision Support software will generally not be considered a medical device if it exists to provide already existing information to enable a healthcare professional to make a clinical decision. However, if it performs a calculation or the software interprets or interpolates data and the healthcare professional does not review the raw data, then this software may be considered a medical device. So we would suggest that software versions of reference material and medical textbooks (e.g. British National Formulary) and decision support material (e.g. resuscitation pathways, NICE clinical guidelines) are unlikely to constitute a medical device in the eyes of the MHRA. Any grounds for further debate will likely centre on a manufacturer’s intended use, which would certainly focus on what the app does and how it is marketed. Article 1 clause 2(g) of the MDD states the following: ‘intended purpose’ means the use for which the device is intended according to the data supplied by the manufacturer on the labelling, in the instructions and/or in promotional materials; Given the potentially broad remit, we raised a query on this point explicitly with the MHRA to try and understand their current interpretation of the applicability of the directive on health apps. We received the following response: Only after a product meets the definition of a medical device does it get classified according to risk, the risk classification then determines the compliance requirements. There is clearly a full range of application from the simple non-clinical to potentially complex ones for medical use. As an example, if the application is intended to carry out further calculations, enhancements or interpretations of entered/captured patient data, we consider that it will be a Medical Device. If it carries out complex calculations, which replaces the clinician’s own calculation and which will therefore be relied upon, then it will certainly be considered a Medical Device. The MHRA certainly appears to be drawing a line between software that simply stores and retrieves medical data, and more sophisticated applications. Citing examples of apps that we have witnessed to date, we probed deeper to try and understand where the line would be drawn by the MHRA. While a Body Mass Index calculator that takes a patient’s height and weight and produces a score according to a simple formula would probably fall just outside their definition of a medical device, in their opinion, a paediatric dosage calculator that takes patient data and produces a recommend dosage for different medicines depending on a number of patient details would constitute a medical device. © 2012 Devices 4 Limited 14
  15. 15. Regulation of health apps: a practical guide Figure 6: d4 Determination continuum of apps as medical devices in the UK Source: d4 analysis It should be noted that a European Working Group on the qualification and classification of standalone software has recently completed the drafting of new guidance. The MHRA has been active within this Working Group and is likely to adopt the recommendations. A recent blog post10 has shed light on a decision tree that might be included in a formal MEDDEV on this subject for publication during 2012. Figure 7: Potential decision tree for determining standalone software vs. scope of MDD Source: Erik Vollebregt, medicaldeviceslegal.com 10 http://medicaldeviceslegal.com/2011/10/24/standalone-software-regulated-as-medical-device-a-look-under-the-hood-of- the-draft-meddev/ © 2012 Devices 4 Limited 15
  16. 16. Regulation of health apps: a practical guide Who is the manufacturer under the MDD, the developer or the publisher? Clause 2(f) of Article 1 provides the definition of a manufacturer as follows: ‘manufacturer’ means the natural or legal person with responsibility for the design, manufacture, packaging and labelling of a device before it is placed on the market under his own name, regardless of whether these operations are carried out by that person himself or on his behalf by a third party. The obligations of this Directive to be met by manufacturers also apply to the natural or legal person who assembles, packages, processes, fully refurbishes and/or labels one or more ready-made products and/or assigns to them their intended purpose as a device with a view to their being placed on the market under his own name. This subparagraph does not apply to the person who, while not a manufacturer within the meaning of the first subparagraph, assembles or adapts devices already on the market to their intended purpose for an individual patient Our reading of the above is that the publisher of the app (i.e. the organisation that places the device on the market in their own name) is deemed the manufacturer and is obliged to abide by the directive. However, app developers working under contract for a publisher should be made aware of the requirements of the directive so that the design, building and testing of the app is sympathetic to the requirements of the directive. Publishers should also recognise that there is a legal obligation under the MDD to exercise sufficient control over the developer to implement post market surveillance and take corrective action where necessary (e.g. bug reporting and resolution). The contract between the publisher and developer should therefore consider these issues, and the design of the app may want to include the ability to notify users or even terminate use if corrective action is required. What if the app is free, does the MDD still apply? In a word, yes. The directive is quite clear under clause 2(h) – placing a device on the market is the trigger for compliance, regardless of whether the manufacturer charges for the device or not. ‘placing on the market’ means the first making available in return for payment or free of charge of a device other than a device intended for clinical investigation, with a view to distribution and/or use on the Community market, regardless of whether it is new or fully refurbished If an app is a medical device under the MDD, what are the implications? The first step is to determine the correct risk class for your app. The latest guidance on the classification of medical devices at the time of writing suggests that most apps would be classified under Class I. “Stand alone software” is considered to be an active medical device and the rule set for classification of these devices is relatively straightforward. If Rule 9, 10 or 11 apply (see Figure 7), then your app may be classified as Class IIa or IIb. However if none of these three rules apply, then by © 2012 Devices 4 Limited 16
  17. 17. Regulation of health apps: a practical guide default your app would be Class I under Rule 12. Please see the diagram below for more details on this, or consult MEDDEV2.4/111. Figure 8: Classification of active devices Source: MEDDEV 2.4/1 Rev. 9, Section 4.1 p21 (June 2010) The requirements of manufacturers of Class I devices are succinctly captured within the MHRA Guidance Note 712. It lists the following obligatory actions under this “self declaration” route for conformity to the MDD, providing further guidance for each item: • Review the classification rules to confirm that their products fall within Class I (Annex IX of the Directive) • Check that their products meet the Essential Requirements (Annex I of the Directive) and document this [by conforming to EN63204 you can evidence your obligations to meet the state of the art in software development] • Prepare relevant technical documentation [including clinical evaluation – see MEDDEV 2.7/1] • Draw up the “EC Declaration of Conformity” (below) before applying the CE marking to their devices • Implement and maintain corrective action and vigilance procedures • Obtain notified body approval for sterility or metrology aspects of their devices, where applicable • Make available relevant documentation on request for inspection by the Competent Authority • Register with the Competent Authority 11 http://ec.europa.eu/health/medical-devices/files/meddev/2_4_1_rev_9_classification_en.pdf 12 http://www.mhra.gov.uk/home/groups/es-era/documents/publication/con007511.pdf © 2012 Devices 4 Limited 17
  18. 18. Regulation of health apps: a practical guide • Notify the Competent Authority, in advance, of any proposals to carry out a clinical investigation to demonstrate safety and performance of a device as required by the Regulations The conformity assessment procedures for Classes IIa and IIb are more onerous and are summarised within a separate MHRA bulletin13. What can a developer assume with respect to a user’s training and/or competency level? Drawing on an analogy with medicines, which provide health professionals with an element of autonomy on the basis that the individual making the decision is suitably trained, in the minutes of the May 2010 session of the MDTF, the MHRA recommends that "it might be useful to capture the professional competence of the individual who has control over the software/product, perhaps through an accreditation scheme." It is not clear whether by “the individual who has control of the software/product“ here makes reference to the developer or the end user. However the MHRA go on to cite Annex 1 clause 13.1 of the MDD, which states: Each device must be accompanied by the information needed to use it safely and properly, taking account of the training and knowledge of the potential users, and to identify the manufacturer. So we would therefore advise health app publishers to make the following explicit: • The identity of the manufacturer of the software, and potentially the medical training and qualifications of those involved in the process • How to safely use the software given the intended medical purpose • The intended user of the software, including any expected level of medical training or qualifications • Include in the technical file considerations regarding usability engineering I’m still not sure what I should do? In the first instance, d4 would recommend you contact the MHRA and seek their advice. But if you’re still in two minds, we would suggest erring on the side of caution and registering your app as a medical device. The cost of registering as a manufacturer under Class I is a modest £70 at time of writing and the compliance requirements are inline with good practice for any organisation producing software to meet healthcare needs. But don’t underestimate the benefits either – once registered you can mark your app with the CE label so that potential customers can buy with confidence in the knowledge that your app conforms to the European regulations as a medical device under the Medical Device Directive. You can also market your app across 32 EEA countries, although you will need to provide instructions for use in the local language, and many need to customise the user interface accordingly. 13 http://www.mhra.gov.uk/home/groups/es-era/documents/publication/con007492.pdf © 2012 Devices 4 Limited 18
  19. 19. Regulation of health apps: a practical guide Pharmaceutical industry perspective By Paul Dixey and Sam Walmsley, Bluelight Partners14 In the last few years we have seen a number of pharmaceutical companies launch apps for health professionals, patients and the wider public15. These have ranged from professional educational content and brand information to the development of attachments such as pocket ultrasounds and diabetes management. However the range of knowledge and experience varies across the industry on how to develop these apps from a process, liability, and regulatory perspective. Earlier this year saw several high profile pharmaceutical company apps removed from the Apple App Store16. Historically, pharmaceutical companies have developed expertise in the prescription pharmaceutical rules, regulations and codes when it comes to providing a service alongside their product to health professionals or the public. Consequently many medical, legal and compliance departments don’t have expertise in medical devices or a relationship with the relevant department of the MHRA. When the question of whether a specific app is a medical device is asked at industry events, there is often a shuffling of feet and nervous glances. Internal discussions on this matter include the practical “How can we check the review section on iTunes for adverse events” to the technical: if the app is hosted on a server in the USA is an export licence needed to download it to an iPhone in the EU? Practical considerations for pharmaceutical companies 1. How does developing and launching an app help achieve your strategy? Just because a competitor has an app or it seemed a good idea in the agency pitch are not good enough reasons. Try to avoid the “shiny toy” syndrome and ask instead how does this app benefit health professionals, their patients or public health. Is it better than what else is out there? 2. Have you complied with the regulatory requirements? If your app will be associated with, contributes to or makes a clinical decision, assume that it will be classified as a medical device and therefore must conform to the regulations. Seek expert advice and prepare the necessary technical documentation required by the Competent Authority. 3. How will you measure the app’s performance? Downloads are important but engagement is critical. One recent study has shown that 26% of downloaded apps are only used once. 4. How will you promote it, how will you maintain it? Adding an app to the app store is rarely enough to market successfully. If your app is successful and you have built up a sizeable list of users, you may feel obliged to release updates to preserve its relevance. 5. How will you manage access given different potential audiences? In the UK, for an app made for health professionals that features brand information, it may be sufficient to add a disclaimer before download. An additional reminder within the app and accompanying alternative content for the public may satisfy medical and legal departments but this will differ across countries. 14 http://www.bluelightpartners.com 15 http://www.inpharm.com/digital-pharma-blog/links/mobile-apps 16 http://www.inpharm.com/news/110107/digital-pharma-pfizer-jnj-merck-pull-iphone-apps © 2012 Devices 4 Limited 19
  20. 20. Regulation of health apps: a practical guide Further regulatory considerations in Europe Within the EU, further regulatory considerations beyond the Medical Device Directive include the following: • Liability for defective products (1985/374/EC &1999/34/EC) • General product safety (2001/95/EC) • Sale of consumer goods (1999/44/EC) • Information society services and ecommerce (2000/31/EC) • Data Protection (1995/46/EC) • Misleading and comparative advertising (2006/114/EC) • Unfair business-to-consumer commercial practices (2005/29/EC) Given the range of legal issues concerned, and the potential sources of liability that manufacturers of apps face, we strongly recommend developers and publishers seek legal advice to ensure they conform to the relevant regulations. Evidence of conformity in Europe Under the MDD, prior to placing a medical device on the market, manufacturers are required to register with their Competent Authority and label their device with the CE mark. However at time of writing, there is no central European register of manufacturers or medical devices. Therefore if a member of the public would like to verify whether a device or manufacturer is registered, they would have to enquire with each Competent Authority for the 27 Member states. Research by d4 has concluded that very few apps have been CE marked. We have identified just four manufacturers with apps on the Apple iTunes App Store at present: Calgary Scientific’s ResolutionMD17, MIM Software’s Mobile MIM18, AirStrip Technologies AirStrip OB19, and Medicapps Mersey Burns. We expect this number to grow considerably as the industry matures. However for apps that fall outside the requirements of a medical device (the boundary of which may vary by Competent Authority and Member state) there are no specific medical requirements to meet, and therefore no signal to consumers that an app is safe to use. 17 http://www.calgaryscientific.com/index.php?id=5 18 http://www.mimsoftware.com/products/mobilemim 19 http://www.airstriptech.com/Portals/_default/Skins/AirstripSkin/library/pr_cemark.pdf © 2012 Devices 4 Limited 20
  21. 21. Regulation of health apps: a practical guide Regulation of health applications in the USA The FDA is the responsible organisation for the regulation of medical devices in the USA. It recently published draft guidance20 (21 July 2011) for what it defines as “mobile medical applications”, inviting comments from industry and staff. The FDA definition of a mobile medical application is as follows: a “mobile medical app” is a mobile app that meets the definition of “device” in section 201(h) of the Federal Food, Drug, and Cosmetic Act (FD&C Act); and either: — is used as an accessory to a regulated medical device; or — transforms a mobile platform into a regulated medical device. The intended use of a mobile app determines whether it meets the definition of a “device”. Further, the FDA goes on to detail its intended scope of medical mobile applications, explicitly providing examples of mobile apps that it considers fall outside the definition. These include: • Mobile apps that are electronic “copies” of medical textbooks, teaching aids or reference materials, or are solely used to provide clinicians with training or reinforce training previously received. • Mobile apps that are solely used to log, record, track, evaluate, or make decisions or suggestions related to developing or maintaining general health and wellness • Mobile apps that only automate general office operations with functionalities that include billing, inventory, appointments, or insurance transactions. • Mobile apps that are generic aids that assist users but are not commercially marketed for a specific medical indication. • Mobile apps that perform the functionality of an electronic health record system or personal health record system. The 90 days consultation period has now ended, so we wait with interest as to how the FSA will interpret the feedback received21 and the regulations that result. 20 http://www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/ucm263280.htm 21 http://www.regulations.gov/#!docketDetail;dct=PS;rpp=10;po=0;D=FDA-2011-D-0530 © 2012 Devices 4 Limited 21
  22. 22. Regulation of health apps: a practical guide Chapter 4: Considerations for health app developers The following section has been written with first-time developers of health apps in mind. d4 is occasionally approached by health professionals and others thinking of developing their own apps for the medical community and wider healthcare market. It is not intended to serve as an exhaustive “how to” guide, but aims to serve as a reference point for those considering their first app. Intellectual Property Rights If you are currently employed, depending on the nature of your employment contract, you may find that the intellectual property of any work you produce, whether during office hours or not, belong to your employer. It may be possible negotiate a waiver or license for you to develop your idea commercially. You will also need to research your idea thoroughly to ensure you are not infringing the intellectual property rights of others. This could be via patents, trademarks or material under copyright. If your idea is original, you will want to investigate protecting your own ideas in a similar way. The Intellectual Property Office22 is a good source of advice and has databases to support your research, however it maybe a good idea to enlist the help of a patent attorney. A non-disclosure agreement (NDA) is a legal document that once executed can be used to prevent third parties that you would like to discuss your idea with from disclosing your idea to others. Design, build and test App design usually results in a written specification document that describes what the app does (the functionality), the graphical design and how it is operated (the user interface). The clearer the specification, the more efficient the build phase. [EN 62304 is a helpful standard to follow when designing and developing medical software – see Further Reading at the end of this chapter.] With the design specified, the app can be made. You may undertake this yourself if you have the right knowledge or tools, or hire the skills of a developer. Once you have a working prototype of your app, it is advisable to test it thoroughly. This is an opportunity to both eliminate errors and to improve on your design. If you anticipate that your app will constitute a medical device, it is essential to keep good records throughout the design, build and test phase, as this will help you prepare the necessary technical documentation. 22 http://www.ipo.gov.uk © 2012 Devices 4 Limited 22
  23. 23. Regulation of health apps: a practical guide Managing liability Liability surrounding the use of apps is a complex issue and we recommend you research this issue extensively and seek legal advice. "The Business of iPhone App Development: Making and Marketing Apps that Succeed" by Dave Wooldridge and Michael Schneider23 may be a useful starting point. Within a chapter focused on "protecting your intellectual property" it explains the importance of the End User License Agreement (EULA). You may want to utilise the default application store terms or provide your own – both usually include warranty disclaimers and limitations of liability to the extent possible within law. Terms and conditions often vary by country. As an example, you can find the latest Apple iTunes App Store legal information online24. A further line of defence might be to incorporate a company to act as the manufacturer of your apps. This puts a degree of separation between you and the company, protecting your personal assets. Further reading • Medical software design standard IEC 6230425 • EMDT article: “Simplifying IEC 62304 Compliance for Developers”26 • EMDT article: “Developing Medical Device Software to IEC 62304”27 23 http://books.google.co.uk/books?id=gebdTqLjj5EC&pg=PA54 24 http://www.apple.com/legal/itunes/ww/ 25 http://webstore.iec.ch/preview/info_iec62304%7Bed1.0%7Den_d.pdf 26 http://www.emdt.co.uk/article/simplifying-iec-62304-compliance 27 http://www.emdt.co.uk/article/developing-medical-device-software-iso-62304 © 2012 Devices 4 Limited 23
  24. 24. Regulation of health apps: a practical guide Case Study: Mersey Burns app by Rowan Pritchard-Jones MD FRCS(Plast) “Mersey Burns” is a clinical tool for estimating burn area percentages, prescribing fluids using Parkland, background fluids and recording patients’ details. The app works on the Apple iPad™, iPhone® and iPod Touch®, and was developed within the Mersey Plastic Surgery Unit. The inspiration for the app came after supervising junior doctors’ calculation of fluid protocols for burn patients, which requires the calculation of a complex formula under different scenarios. One of the principal difficulties in these cases is accurately calculating the percentage of the body surface area burned. With the Mersey Burns app, a doctor can graphically highlight the areas of the patient that are burned and enter some basic statistics such as their age, height and weight. The app then calculates the necessary fluids protocol to be administered over the 24 hours following burn injury. The information entered and the results calculated can then be emailed for example, from an outlying hospital to a specialist Burns Unit Mersey Burns was developed with a PhD Computer Scientist. Once a prototype of the app was made, it was tested against current paper-based methods of burn assessment to confirm accuracy and reproducibility. Twenty staff, ten from each of plastic surgery/A&E departments at Whiston Hospital were given a photograph of a burn-injured child and asked to calculate the total body surface area (TBSA), Fluid Resuscitation and maintenance fluids using paper or app. There was no significant difference between the app or paper TBSA assessment, but there was significantly less variance in the app assessment compared to paper assessment with respect to total fluid, and background fluid requirements. The research confirmed that the Mersey Burns app is an appropriate tool for calculating the TBSA and fluid management of burn injured patients. Furthermore, it delivers improved accuracy with respect to resuscitation and background fluid calculation. It is hoped therefore that the app will improve patient outcomes. A declaration of conformity has been accepted by the MHRA to demonstrate that the software medical device is compliant with the essential requirements and other relevant provisions of Medical Devices Directive 93/42/EEC28. [It is understood that this is the first app to be registered with the MHRA as a Class I medical device and therefore the first publically available UK app to carry the CE mark. The Mersey Burns app is available for download from the Apple App Store29.] 28 http://bit.ly/d4MHRA 29 http://itunes.apple.com/gb/app/mersey-burns/id481808668 © 2012 Devices 4 Limited 24
  25. 25. Regulation of health apps: a practical guide Chapter 5: Managing app use within a health organisation The proliferation of mobile devices across the developed world signals a new wave of technological evolution. While many different factors can explain this trend, one factor is at its heart: user experience. People find mobile technology intuitive and therefore highly accessible. Apps are a further extension of this trend. The market place dynamic created by manufacturers’ app stores provides significant discipline: to succeed apps must have mass public appeal. Paradigm shift: app mentality The ‘app mentality’ this creates represents a paradigm shift in terms of healthcare software. Traditionally the industry approach has been to develop large, complex, ‘enterprise’ solutions that cater to a vast array of different user requirements as a one-size-fits-all proposition. Many of these programs have failed in a spectacular and costly way in the UK, leading to a cessation of the NHS National Programme for IT. Apps approach the same problem from the opposite perspective. Using the technology base provided by the mobile devices (i.e. the hardware and operating system), apps are the software industry’s answer to small, discrete user needs. In a diverse and complex area like healthcare, apps are the perfect way to deliver a solution to fit a particular niche. Further by breaking the problem down into discrete parts, the return on investment for software purchases becomes much easier to calculate. In the UK, the Department of Health has recently led an exercise called “Maps and Apps” to encourage further innovation and app use30. Mobile devices have been shown to promote more efficient communication in a clinical setting, but they also have the potential to deliver more efficient decision-making at the point of care, independent of the patent’s location. They also provide an empowerment mechanism for patients so that they can take greater responsibility for their own diagnosis and treatment. Harnessing consumerisation The explosion in the popularity of mobile devices, particularly smart phones, has driven one agenda item up the priority list for many chief technology officers: the ‘consumerisation’ of IT. Employers are grappling with the pace of change and the rise in their employees’ expectations when it comes to technology. Employees often feel that they have access to a better computer or mobile phone at home than they are provided at their place of work. By using their own personal devices in a work environment, employees are able to express an element of choice, and use the technology that they are most familiar or comfortable with. This is perhaps most acute in the field of mobile devices – there is a staggering array of choice, and people often change devices on an annual basis. 30 http://mapsandapps.dh.gov.uk/ © 2012 Devices 4 Limited 25
  26. 26. Regulation of health apps: a practical guide Recognising app risk For the organisation, the consumerisation of IT has clear upsides – employees and other third parties take on at least some of the burden of maintenance, training and potentially, cost. But for organisations this presents new challenges and risks. First and foremost, the use of mobile devices adds a new dimension to information security. By being mobile, there is even greater potential for sensitive data to leave the organisation. Wireless devices by their nature can facilitate remote access to healthcare systems and databases. Segregating data thoroughly to ensure appropriate access rights from different devices for different users is already a complex arena, fraught with reputational, regulatory and commercial risks for the organisation. Additionally, as devices are increasingly used to aid diagnosis and treatment, facilitating appropriate use of information technology becomes mission critical. Organisations need to ensure that they clearly flag solutions that are for clinical use, when such use is appropriate and provide sufficient training to support this. Further, it is essential that organisations maintain the IT they provide so that it remains fit for purpose, requiring a suitable level of version control to ensure clinicians are using tools that are up to date. Managing the app environment Faced with these challenges, organisations can apply different strategies to manage the challenges and risks presented by using apps in a professional setting. We believe there are three main mechanisms to achieve this. Permit only organisation-issued devices This strategy suggests an outright ban on personal device use for work purposes. Managing the risks associated with the use of personal devices usually requires a level of trust and responsibility in the individual, or a virtual ‘take over’ of the personal device through restrictive security profiles where supported. Instead, organisations supply employees with a device pre-configured to their exact security standard and policies. This could include requiring that the device does not leave the physical environment, only permitting access to the local wireless network and preventing any additional software from being installed on the device beyond that approved and maintained by the organisation. Mobile device management This strategy supports the use of personal devices at work, but typically requires the employee who owns the device to hand-over control of different features to the organisation. This could include restricting network access, removing app installation rights, blocking or removing non-compliant apps or services etc. Such restrictions are usually objected to by employees who are not prepared to give up certain freedoms on what is essentially their own device that they pay for and use outside of work. © 2012 Devices 4 Limited 26
  27. 27. Regulation of health apps: a practical guide Mobile app management This strategy is a more nuanced version of mobile technology management, helping organisations manage the app layer on both employer and personal devices. Organisations can provide employees access to specific work software tools and services in a secure, segregated manner by deploying specific apps to their employees. These solutions typically employ a security wrapper to ensure only approved individuals can access the system, and a level of data security to prevent either data being stored on the device altogether, or by ensuring any such data that is locally held is encrypted. Often such solutions include a private, enterprise ‘store’ to allow distribution of apps via a central service. This can also serve as a mechanism to flag relevant apps to specific employee groups, to achieve group-purchasing discounts and to manage version control. Promoting the use of apps across the organisation Once organisations have a clear framework and strategy in place to manage the challenges and risks, the final challenge is to promote app usage across the organisation. This may seem trivial, but there are some important facets to consider that extend beyond a “build it and they will come” approach. Firstly, device manufacturers fall into different models when it comes to how apps can be added to the base operating system. Closed market place Apple is perhaps the best example of this. Typically, apps can only be installed onto an Apple device running Apple’s iOS operating system if the software has been digitally ‘signed’ by Apple. In the extreme, this means that for most Apple iOS users the only way to add apps to their device is through the Apple App Store, although a private certification route is available for organisations. Open market place This is the mechanism favoured by most device manufacturers. Users can add apps to their device through different routes, free of any certificate requirement from the manufacturer. While the manufacturer will promote their own app stores as the main distribution channel, it is possible to add apps by simply downloading an app from any source official or otherwise. In an effort to compete with Apple’s current dominance, some manufacturers are going one step further, by supporting apps made for their competitors operating systems e.g. Research in Motion have recently announced that its next version of the BlackBerry operating system (OS) will be able to run apps made for Google’s Android OS31. 31 http://press.rim.com/release.jsp?id=5230 © 2012 Devices 4 Limited 27
  28. 28. Regulation of health apps: a practical guide Limitations of public app stores Lastly, it is important to set out the potential limitations of relying on public app stores for app discovery, especially in the context of the large, diverse healthcare industry. • The popularity of app stores provides for a considerable degree of choice, which can often bewilder users who are unsure which apps are right for them. • Classification of apps is superficial, and at worse misleading. At present apps are categorised into a small number of generic buckets (e.g. “Medical”) at the recommendation of the developer. • Identifying which apps are appropriate for clinical use is difficult as there is little information presented to users to signal quality control while regulatory oversight remains low (e.g. the limited use to date of the CE Mark for regulated medical devices in Europe). Users should be wary of apps that claim medical functionality but then subsequently negate this in the user conditions. • Reviews provide an indication of user acceptance, but this requires sufficient volume to be robust, and as an open system, the credibility and agenda of the reviewers is sometimes difficult to gauge. It is believed that some developers pay large groups of individuals to download their app and submit positive reviews in an effort to boost sales. • App stores rely on ranking algorithms to signal popular apps when users conduct searches. Therefore apps that have niche appeal prove harder to find given their intended small audience. Put another way, popular is not synonymous with useful. Further reading • ISO 8000132 • ISO 8000233 • Swedish MPA: “Proposal for guidelines regarding classification of software based information systems used in health care”34 32 http://www.iso.org/iso/catalogue_detail.htm?csnumber=44863 33 http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=54146 34 http://www.lakemedelsverket.se/upload/foretag/medicinteknik/en/Medical-Information-Systems-Report_2009-06-18.pdf © 2012 Devices 4 Limited 28
  29. 29. Regulation of health apps: a practical guide Case study: Happtique By Corey Ackerman, President of Happtique35 When the iPad® first hit the market in 2010, GNYHA Ventures, Inc. (the for-profit arm of the Greater New York Hospital Association) purchased 150 devices for a pilot program. Eager to explore the potential of mobile devices to help hospitals improve efficiencies, GNYHA Ventures distributed the iPads to focus groups in a few member hospitals, as well as to internal staff. GNYHA Ventures came across a number of challenges involving the discovery, deployment, and management of apps. Feedback from the focus groups revealed that it was extremely difficult to find relevant, useful mHealth apps due to a lack of categorisation in the app markets at the time. As a result, GNYHA Ventures identified a need for a healthcare-centric mobile application store, which led us to launch Happtique. Happtique is the first mobile application store for healthcare professionals by healthcare professionals. It offers healthcare enterprises – like hospitals, medical schools, and physician practices – the ability to create individually branded, secure application stores for employee and patient use. The device/platform-agnostic solution allows organisations to deploy apps, monitor app usage, define a log-in policy for each custom app, remotely wipe or lock an individual app if a device is lost or if an employee changes jobs, and protect apps with a security wrapper. Each organisation can select the apps they want staff or patients to have access to. Furthermore, custom, proprietary apps can be distributed to the appropriate end users in a private manner. We are currently testing our custom application store solution with eleven top-tier healthcare organisations to gain feedback and a better understand their specific mHealth needs. In addition to its enterprise solution, Happtique also offers a public store that currently includes over 5,000 iOS health and medical apps from the Apple® App Store. (Happtique will offer apps for other leading platforms, such as AndroidTM and BlackBerry®, in 2012.) Unique to other app markets, Happtique’s apps are categorised employing the same techniques used by medical libraries. Happtique’s expert classification team – consisting of a medical librarian, a physician, and a registered nurse – have organised apps into over 100 professional audiences and topics, allowing users to browse easily by specific profession or clinical relevance. 35 http://www.happtique.com © 2012 Devices 4 Limited 29
  30. 30. Regulation of health apps: a practical guide Key Ways Organisations Can Use Happtique Help your health professionals, administrators, patients, caregivers, students and others find apps by giving them access to Happtique’s global catalogue, with thousands of apps sorted into meaningful medical and health categories Stock your privately branded application store with “third-party” apps – apps available in public marketplaces – that you want your health professionals, administrators, students, faculty, etc. to use, including those that your organisation has purchased or will reimburse Internal Enterprise Use List your organisation’s “preferred” apps using Happtique’s categories or categories that your organisation creates Create unique catalogues of apps for different end users (e.g. doctors, nurses, students, administrators) Use your organisation’s store to house apps that are developed by your employees, faculty, or other staff or that your organisation commissions Use the security technology available through Happtique to help ensure the proper use of mobile apps – on both enterprise-issued devices as well as personal devices – by controlling app deployment, monitoring and tracking use, including remotely wiping apps from devices when necessary Use Happtique to position your organisation as an mHealth leader – a place where tech-savvy health professionals want to work, patients want to receive care, and/or students want to learn Use Happtique’s platform to distribute documents (PDF, PowerPoint, Excel) to mobile devices. Use Happtique to create and deploy “Web apps” to employees, patients, and students Stock your store with custom-built Android apps for consumers with such information as insurance plan coverage, physician referrals, appointment scheduling, access to a virtual ID card, maps and directions, services offered, etc. Prescribe apps to patients using Happtique’s patent-pending mRx Patient Use solution36 Use Happtique to support the safe and secure transmission of information from “tracker” apps (e.g., glucose monitoring) between patients and clinicians Use Happtique’s platform to deploy “connected” apps (apps that interface with care records or other clinical systems) to patients Use the Happtique platform to distribute apps for clinical trials involving mobile health technology with your staff, patients, patients’ family members, etc. 36 Available in 2012 © 2012 Devices 4 Limited 30
  31. 31. Regulation of health apps: a practical guide Chapter 6: Conclusion How are health apps regulated, and how do I know if they are safe to use? The regulations applicable to health apps vary by geography. In the UK, the MHRA is responsible for the regulation of medical devices. Manufacturers of medical devices are obliged to register with the MHRA and disclose their conformity with the Medical Device Directive by CE marking their product. Other regulatory considerations may also apply. What are the regulatory issues I should consider if I’m developing a health app? Developers of apps for the healthcare sector should carefully consider whether the software they are placing on the market (regardless of whether the app is chargeable or not) constitutes a medical device under the current regulations. The regulations are likely to differ by market, and are subject to change (c.f. the current FDA consultation exercise for ‘mobile medical apps’). We would recommend engaging early with the responsible bodies in each market in which the app will be distributed and seeking professional legal advice. How can I manage the use of apps across my organisation? At present, apps are predominantly distributed via the stores of the major mobile platforms. There are a number of pitfalls with this approach for healthcare organisations. Alternative independent solutions exist for managing mobile devices and apps. These are likely to gain traction given the shortcomings of the mechanisms used by the mass market. Happtique is an interesting option given its specific healthcare focus and curated catalogue of the existing health app market. © 2012 Devices 4 Limited 31
  32. 32. Regulation of health apps: a practical guide Closing remarks and recommendations Health professionals make considerable use of mobile phones during their working day, as do their patients. As the popularity of running software applications on mobile devices continues to increase, we anticipate that the use of apps to aid medical diagnosis and treatment will gain in popularity with a corresponding increase in risk to the general public. Specific regulations that accompany this nascent technology are in their infancy, but should not be ignored. For all stakeholders concerned, it is in our collective interest to support responsible use of this new technology. It will take one high profile failing to cause a loss of trust that can take months, if not years, to rebuild. We would therefore make the following recommendations: 1. Health professionals should carefully consider the risks when using apps to support a patient’s care. 2. Developers should test their apps thoroughly and maintain adequate technical documentation to evidence this. 3. Publishers should ensure compliance with the necessary regulations before releasing apps on to the market. 4. Organisations should investigate ways to manage the use of apps by their employees, and put in place mechanisms to identify those apps that are deemed fit for professional use. 5. Patients should examine carefully the source of the apps they use to manage their health. Within Europe, health apps that influence a patient’s treatment should carry the CE mark to demonstrate their conformity with the appropriate regulation. © 2012 Devices 4 Limited 32
  33. 33. d4 is a non-profit organisation that aims to improve patient care by placing modern technology in the hands of doctors, nurses and other health professionals. Simply put, we believe that better communication means better care. © 2012. All rights reserved. Devices 4 Limited Registered in England & Wales Registered charity no. 1135435 Registered company no. 0711788 Registered office: 275 Wandsworth Bridge Road, London, SW6 2TX Tel: 0845 686 3434 Fax: 0845 686 3435 Email: info@d4.org.uk

×